X-Git-Url: http://git.euphorik.ch/?p=crypto_lab2.git;a=blobdiff_plain;f=labo2-fsharp%2FCryptoFile%2FAPI.fs;h=2f80c070fec56e6683a44bb79b55ca085ad668b1;hp=2cf2167a92191d2e2eabc16fd26c60517060c5de;hb=a29300558755d533aff12a6fb668c7e985ca4617;hpb=beda8d83dc421c479bdcf5ee626ec85ee8555a80 diff --git a/labo2-fsharp/CryptoFile/API.fs b/labo2-fsharp/CryptoFile/API.fs index 2cf2167..2f80c07 100644 --- a/labo2-fsharp/CryptoFile/API.fs +++ b/labo2-fsharp/CryptoFile/API.fs @@ -1,45 +1,104 @@ namespace CryptoFile + +open System open System.IO -type internal Metadata (d : (string * string) list) = - new (stream : Stream, size: int) = - let binaryReader = new BinaryReader (stream) - new Metadata ([]) +// To read and write metadata. +type internal Metadata (d: (string * string) list) = + // Read metadata from a stream. + new (stream : Stream) = + let reader = new BinaryReader (stream) + let length = reader.ReadByte () |> int + Metadata ([for i in 1..length -> reader.ReadString (), reader.ReadString ()]) + + // Write metadata to a stream. member this.WriteTo (stream : Stream) = - let binaryWriter = new BinaryWriter (stream) - List.iter (fun (key : string, value : string) -> binaryWriter.Write key; binaryWriter.Write value) d + let writer = new BinaryWriter (stream) + writer.Write (byte d.Length) + List.iter (fun (key : string, value : string) -> writer.Write key; writer.Write value) d + + // May raise 'KeyNotFoundException'. + member this.get (key: string) : string = + List.pick (function + | (k, v) when k = key -> Some (v) + | _ -> None) d module API = - let internal filename = "filename" - let internal creationTimeKey = "file-creation-time" + module internal MetadataKeys = + let filename = "filename" + let modificationTime = "file-modification-time" + + let internal (@@) a1 a2 = Array.append a1 a2 let generatKeysPair : Key * Key = Crypto.generateRSAKeysPair let encryptFile (inputFilePath : string) (outputFilePath : string) (signaturePrivKey: Key) (cryptPubKey : Key) = - let keyAES, keyMAC, iv = Crypto.rand 32, Crypto.rand 32, Crypto.rand 16 - let fileInfo = new FileInfo (inputFilePath) - use inputStream = new FileStream (inputFilePath, FileMode.Open, FileAccess.Read) + let keyAES, keyMAC, iv = Crypto.rand 16, Crypto.rand 32, Crypto.rand 16 + let fileInfo = FileInfo (inputFilePath) + use inputStream = fileInfo.OpenRead () use outputStream = new FileStream (outputFilePath, FileMode.Create, FileAccess.Write) - let writer = new BinaryWriter (outputStream) + use writer = new BinaryWriter (outputStream) + + outputStream.Position <- 32L + 256L // Skips mac and signature. They will be written later. - ignore <| writer.Seek (8 + 32 + 256, SeekOrigin.Current) // Skips file-content-size, mac and signature. They will be written later. + Crypto.encryptRSA cryptPubKey (keyAES @@ keyMAC @@ iv) |> writer.Write - Crypto.encryptRSA cryptPubKey (Array.append keyAES <| Array.append keyMAC iv) |> writer.Write + // Plaintext -> cryptoStream -> hmacStream -> cyphertext. + let hmacStream, hmac = Crypto.HMACStream keyMAC outputStream + use cryptoStream = Crypto.encryptAES keyAES iv hmacStream + use cryptoWriter = new BinaryWriter (cryptoStream) - printfn "pos: %A" outputStream.Position + // Write the file metadata. + let metaData = Metadata ([MetadataKeys.filename, fileInfo.Name + MetadataKeys.modificationTime, fileInfo.LastWriteTimeUtc.Ticks.ToString ()]) + metaData.WriteTo cryptoStream - use cryptoStream = Crypto.encryptAES keyAES iv outputStream - let cryptoWriter = new BinaryWriter (cryptoStream) + // Write the content of the file. + inputStream.CopyTo cryptoStream + cryptoStream.FlushFinalBlock () - // Write metadata. - let metaData = new Metadata ([filename, fileInfo.Name; creationTimeKey, fileInfo.CreationTimeUtc.Ticks.ToString ()]) - let metaDataStream = new MemoryStream () - metaData.WriteTo metaDataStream - cryptoWriter.Write (int metaDataStream.Length) - printfn "meta size: %A" (int metaDataStream.Length) - metaDataStream.Position <- 0L - metaDataStream.CopyTo cryptoStream - () + // Write the HMAC at the begining of the file. + outputStream.Position <- 0L + writer.Write hmac.Hash + // Write the signature. + Crypto.signRSA signaturePrivKey hmac.Hash |> writer.Write + + // May raise one of the following error: + // * IntegrityError + // * SignatureMismatch + // * UnableToDecryptAESKeys let decryptFile (sourceFilePath : string) (targetDirPath : string) (signaturePubKey: Key) (decryptPrivKey : Key) = - () + use inputStream = new FileStream (sourceFilePath, FileMode.Open, FileAccess.Read) + use reader = new BinaryReader (inputStream) + let mac = reader.ReadBytes 32 + let signature = reader.ReadBytes 256 + let keys = + try reader.ReadBytes 256 |> Crypto.decryptRSA decryptPrivKey + with + | :? Security.Cryptography.CryptographicException -> raise UnableToDecryptAESKeys + let keyAES = keys.[0..15] + let keyMAC = keys.[16..47] + let iv = keys.[48..63] + + // Integrity validation. + let mac' = Crypto.ComputeHMAC keyMAC inputStream + if mac' <> mac then + raise IntegrityError + + // Authentication validation. + if not <| Crypto.verifySignRSA signaturePubKey mac' signature then + raise SignatureMismatch + + // Decrypt metadata. + inputStream.Position <- 32L + 256L + 256L + use cryptoStream = Crypto.decryptAES keyAES iv inputStream + let metadata = Metadata cryptoStream + + // Create the file and write its content and metadata. + let filePath = Path.Combine (targetDirPath, metadata.get MetadataKeys.filename) + let modificationTime = DateTime (metadata.get MetadataKeys.modificationTime |> int64) + let fileInfo = FileInfo filePath + using (fileInfo.Create ()) <| fun outputStream -> cryptoStream.CopyTo outputStream + fileInfo.LastWriteTimeUtc <- modificationTime + \ No newline at end of file